InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...

'ClickFix' attack tricks users into hacking themselves, ACSC warns

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...

Google’s Mueller On Why AI-Built Websites Miss SEO Basics

AI tools can build websites fast, but Mueller says they won't set up your canonicals, sitemaps, or robots.txt unless you tell ...
Dark Reading

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

The attacks compromise aerospace and drone firms' systems to exfiltrate GIS files, terrain models, and GPS data to gain a clear picture of analysts' intel.
The Caledonian-Record

Command Alkon Receives Multiple Honors as 2026 Innovative Product Awards Winners

Command Alkon, the global leader in software and technology solutions for the heavy building materials industry, is among the winners of the ...
Bitdefender

ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia

Cybercriminals are increasingly relying on social engineering instead of traditional exploits, and Australian authorities are ...

New central command centre just what Toronto Police Service needs ahead of World Cup, Mayor says

Olivia Chow and Police Chief Myron Demkiw see multimillion-dollar command centre as part of World Cup legacy to benefit the ...

Trump says US-Iran ceasefire still in place after exchange of fire in Strait of Hormuz

Iran accuses the US of violating the truce, alleging it targeted an oil tanker and carried out attacks on coastal areas.

US says it has targeted Iranian military facilities after responding to attacks on navy ships

The US says it targeted Iranian "missile and drone launch sites; command and control locations; and intelligence, ...
Infosecurity Magazine

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Cline is one of the most widely adopted open-source AI coding assistants, and its Kanban feature provides a web-based project ...